I need help to get rid of root kit please

Status
Not open for further replies.
Joined
Feb 17, 2007
Messages
3,998
Location
Clermont, Florida
This is the second time now in the last few months that I have had computer problems. I had a fake anti virus bug back in December, and I got rid of it with help from here on BITOG. Now I have a root kit on my computer. I really don't know what a root kit is, other than I read online that dirtbags and crooks use them to gain control of my computer and use it to send out spam and try to make people pay for advertising. I have no idea how serious it is but I need this root kit gone, so I appreciate any help here.

Here is what has happened so far. About two weeks ago I reinstalled Itunes on my computer. I downloaded the full version from Apple. At the time I was running MWB, SAS and the paid version of AVG. AVG did not work well with my computer and Itunes, really slowed it down after the Itunes install. So I removed AVG and went with MSE, kept MWB and SAS. Computer worked better after that. Then I read about how to use a zip file to install a stripped down version of Itunes. I figured it would be a lot better without all of the Apple bloat ware, so last week I downloaded a free 30 day trial of Revo Uninstaller Pro, used it to completely remove all of the Itunes and Apple files off my computer. Then I followed this online tutorial to install the stripped version of Itunes without Bonjour and all of the Ipad/Iphone support junk that I do not need:

http://www.zdnet.com/blog/bott/the-unofficial-guide-to-installing-itunes-10-without-bloatware/2390

I downloaded and used Izarc for the file extraction and the Itunes install worked perfectly. I went into my task manager and unchecked the Itunes Helper application so it would not run at startup and would not run in the background. I don't need Itunes Helper. Itunes, MSE, and the rest of my computer and programs had all been doing fine, working very well until yesterday. I noticed that the computer was back to going into suspension after only 10 minutes of idle time. I had it set at 1 hour and I had not changed any of the settings. I changed it back to 1 hour. Then yesterday I had to re-start my computer and got this error message:

"The application or dll c:\windows\system\32\nview.dll is not a valid windows image. Please check this against your installation diskette".

I had no idea what that error message means. I Googled it today and found out that it could be a very bad piece of malware. I want to get rid of it, and here is what I have done so far:

I ran rkill from a flash drive, it gave two error messages that it was unable to start, or unable to run, something to that effect.

I wanted to run Combofix, it could not run with MSE installed, so I used Revo to remove MSE, then I ran Combofix, 30 seconds into it I got a message from Combofix saying my "computer is infected with Rootkit.ZeroAccess and it has inserted itself to the TCP/IP stack".

I ran a SAS scan, it found a few tracking cookies, nothing else. I ran a quick and a full scan of MWB, ran them both from MWB on a flash drive, neither scan found anything.

I then tried to use my AVG paid version disc to reinstall AVG to try to get rid of the rootkit, and AVG would not run at all, would not put AVG back on my computer. The only thing that happened was the disc spun in my disc drive for a minute or so and then quit. I went online to download a free AVG program, they have a free trial of the full version, so I got the full AVG program online, installed it and ran a scan. It found some tracking cookies and it said it found and removed a corrupted executable file:

"";"C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\6HD20ZT0\avg_isct_stb_all_2012_1913_free[1].exe";"Corrupted executable file";"Moved to Virus Vault"

I have restarted my computer and I still get the first error message about the nview dll is not a valid windows image. That tells me the root kit is still in my computer. I find it very interesting that back in December when I got that fake AV bug, I was using MSE, and now I get this root kit problem while running MSE too. I have not downloaded any porn or gone to any questionable sites. I have absolutely no interest in porn. I read a post here on Thursday that was about the old Loraine Ford assembly plant, it had a lot of pictures that were slow to open, and I noticed the pics had been uploaded with Image Shack. Image Shack is where I picked up that fake AV bug in December. I use Photobucket now if I need to upload pics online, have had no trouble with it at all.

I ran Hijack This, here is a copy of the scan log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:23:36 PM, on 3/24/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\CMWP9OQ6\HijackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1288411228531
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsof...b?1288411273078
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6832 bytes


The computer I use is about 6 years old. It's a Dell, only has 1022 mb of memory and an 80 gig hard drive, it is very basic but it works OK. I bought it used. The computer seems to be running OK, it is not slowed down or anything, it appears no other changes have been made without my knowledge, my bank account and credit cards are all OK. I am sorry for such a long post but I needed to post everything that has happened since this root kit problem started. I don't know what the root kit is or how serious it is. I am trying to read online to fix it but I am computer illiterate and am not having much luck. If anyone here knows how to fix this new problem, I would very much appreciate your help.

Thanks.
 
did you boot into safe mode when you tried to run these programs? if safe mode is disabled, go here

http://www.sevenforums.com/tutorials/19449-default-file-type-associations-restore.html

and scroll down to the. exe registry fix and run it before running your removal tools. also download norton power eraser, kaspersky tdsskiller, and spybot search and destroy. also consider downloading avast free antivirus, my personal fave. let us know if that helped. is this xp, vista, or 7?
 
I tried the tdsskiller, it says it quarantined the rootkit, but I have no way remove it or delete it from my computer. I don't see where the quarantine is. I did not run anything in safe mode. I will try your other suggestions. I am running XP, SP3 but I do not have a copy of the Windows OS.

Thansk very much for your help.
 
Go to spywarehammer dot com, they'll tell you how to get rid of it for good. Great site for virus, malware, etc. removal. HTH
 
Originally Posted By: Jimmy9190
I tried the tdsskiller, it says it quarantined the rootkit, but I have no way remove it or delete it from my computer. I don't see where the quarantine is. I did not run anything in safe mode. I will try your other suggestions. I am running XP, SP3 but I do not have a copy of the Windows OS.

Thansk very much for your help.


First, you'll need a copy of XP SP3. I have an OEM image from Technet that you'll be able to use to reinstall (if need be) using the key on your computer case. I'll upload it to the file server on one of my websites and send you the link later today. You'll need a blank CD and ImgBurn to burn the disc.

From what I've gleaned in a quick search this particular rootkit may not be completely removed even by a reinstall and may require you to run something like DBAN before reinstalling.

The particular rootkit has infected nview.dll which from what I can tell is one of the .dll files tied to your Nvidia graphics car (or motherboard chipset).

I'll get back to you later today when I have time.

In the mean time here's some "light" reading on the topic.

http://www.bleepingcomputer.com/forums/topic435447.html
http://forums.majorgeeks.com/showthread.php?t=243762
http://www.2-viruses.com/remove-zeroaccess-rootkit
http://blog.webroot.com/2011/07/08/zeroaccess-rootkit-guards-itself-with-a-tripwire/

http://blog.webroot.com/2011/08/03/new-tool-released-kiss-or-kick-zeroaccess-goodbye/
This last link has info about a removal tool from Webroot that might remove the threat.

Also for a second opinion scan download and run HitmanPro. http://www.surfright.nl/en/hitmanpro It's been recently updated to a new scanning and removal engine.

If you do need to end up completely wiping the drive, from what I can the particular rookit shouldn't have affected your user files so I can walk you through using something like a live CD version of Linux Mint to get all your music, documents etc copied off the machine before nuking the hard drive.
 
Thanks for all of your help. Unfortunately, nothing I have tried has worked to get rid of the rootkit. I could not get the MS System Sweeper tool to work, either.

So, as much as I hate to spend the money, I am just going to buy myself a new computer today. I will get one that has enough power and memory to run a real anti-virus/anti-malware/spyware program. I will never run MSE again, that is for sure. I have one more license left on my AVG disc, hopefully it will work with a new computer and keep the scammers, dirtbags and internet thieves away from me. I swear those people who write and distribute all of that malicious online garbage should be strung up and shot.

I am looking at this computer here, it is on sale at Staples, regular price is $429.00, on sale for $329.00:

http://www.staples.com/HP-Pavilion-p6-2100-Desktop-PC/product_444697

It has 4 GB of memory and a 1TB hard drive. I think it should be all the computer I need. It has Windows 7 Home Premium, and I use Windows 7 Professional on my work computer, so I am already familiar with it.

I am done trying to fix this old computer. It's just not happening. From what I read online, it is pretty much impossible to get rid of that root kit, and I don't have the knowledge to reinstall my OS and all of that. Besides, this computer is old, outdated and slow. I just can't see spending money to fix it.

I will be sure to protect my new one with AVG, and still continue to use MWB and SAS. That Spyware Hammer site has some good tips and info on keeping spyware at bay too. I may try Spyware Blaster instead of SAS on my new computer.

Thanks again for helping me with this problem.
 
Originally Posted By: Jimmy9190
Thanks for all of your help. Unfortunately, nothing I have tried has worked to get rid of the rootkit. I could not get the MS System Sweeper tool to work, either.

I've never gotten that ill conceived and executed garbage to work either.

Quote:
I will never run MSE again, that is for sure. I have one more license left on my AVG disc,

While I can understand the frustration, it might not have been entirely MSE's fault. The bug you picked up relies on Javascript exploits. If you weren't running a version of Java higher than 6-27 that is how it can get on your machine.


Quote:
I may try Spyware Blaster instead of SAS on my new computer.

I've found SAS to be pretty much useless anymore. I rely on HitmanPro and MWB instead.
 
xp is so long in the tooth that the malware programmers consider infecting an xp machine as easy as changing a motor in a old vw beetle.

once my company adopted and started deploying win 7, my virus/ malware. work orders went down very fast.

anyone still using xp needs to save to an external drive and be prepared to wipe and reinstall a a minutes notice.

when you setup your new pc, update immediately, upgrade to internet explorer 9 , but use google chrome , firefox, or opera as your default browser. upgrade java as well.

We use avg at work and it does a decent job of protecting the pc's, but an outdated/ non updated pc is vulnerable no matter what antivirus you use.

just for funsie's, wait a couple months and fire up that old pc, most if the malware tools should have the ability to remove it. then sell it on craigslist.

good luck
 
Thanks again. I think I am making the right decision to buy a new computer. What do you guys think of the specs on the HP I am considering? Is it a good bargain and a good computer for the price?

Also, if AVG is decent, is there a better Antivirus program to buy? If there is a better one, I don't mind spending the money for it but there are so many that I don't know which one to choose. I bought my AVG disc at Walmart at 10:00 on a Saturday night when I was trying to get rid of the Fake Anti Virus 2012 bug.

Staples has one I never heard of, called Trend Titanium, the basic version is free with an in-store rebate, $39.99 regular price. There is also the Titanium Maximum Security version that could get for $10.00 after a $45.00 in-store rebate. They have a mail-in rebate on McAfee, Antivirus plus is free after MIR, regular price is $39.99. McAfee total protection is $10.00 after MIR, regular price is $79.99. They have Kaspersky Internet Security too, $19.99 after a $40.00 in-store rebate. I have no idea which one is good or bad.

I ado appreciate all of your help on this. Thanks very much.
 
Dealing with hidden, confusing computer problems is no fun. Period. Major life interruption these days. I understand just wanting to leave behind the old machine and all its accrued problems for a brand new one. Hopefully your data is not been affected and you can get all your email, docs, browser bookmarks, etc. off.

I too use an old Dell, a Dimension 5150, running XP SP3. It was given to me when the power supply died.

I haven't used Internet Explorer in a very long time. I would recommend using FireFox (or something else) with a few plug-ins that will prevent scripts from auto-running. Ad block+, Flashblock, and No Script will allow you to extinguish ads, kill popups, and choose what you want running in a browser window. I also run CCleaner on a daily basis.

Backups are very important, even crucial, so you have a fall back position when something like this happens. I use Acronis and store backups onto a separate hard drive, internal to the Dell.

When you get your new machine, and have cleaned off the trial apps, you'll want to image the HD so you can always go back to that point. (Even if it comes with a reinstall disk).

Here's an excellent site that not only covers an OS reinstall, but backups, tweaking your OS, and good tools to use. Tweakhound
 
Originally Posted By: Jimmy9190
Thanks again. I think I am making the right decision to buy a new computer. What do you guys think of the specs on the HP I am considering? Is it a good bargain and a good computer for the price?

Also, if AVG is decent, is there a better Antivirus program to buy? If there is a better one, I don't mind spending the money for it but there are so many that I don't know which one to choose. I bought my AVG disc at Walmart at 10:00 on a Saturday night when I was trying to get rid of the Fake Anti Virus 2012 bug.

Staples has one I never heard of, called Trend Titanium, the basic version is free with an in-store rebate, $39.99 regular price. There is also the Titanium Maximum Security version that could get for $10.00 after a $45.00 in-store rebate. They have a mail-in rebate on McAfee, Antivirus plus is free after MIR, regular price is $39.99. McAfee total protection is $10.00 after MIR, regular price is $79.99. They have Kaspersky Internet Security too, $19.99 after a $40.00 in-store rebate. I have no idea which one is good or bad.

I ado appreciate all of your help on this. Thanks very much.

If you've already paid for AVG stick with it. Of the other's you've mentioned, I'd avoid them particularly McAfee. Its free after MIR for a reason.

At this point a new computer is the way to go just for the fact you can abandon XP.

Make sure you update Java as well to 6.31 as that is likely how that nasty got on your old system.

MSE caught 3 exploits on my wife's computer last week and yesterday caught one on mine. They were all java exploits. However, I wasn't at risk from infection from them as only versions of java prior to 6.18 were vulnerable to 2 of them and one was targeted at 6.28 or lower.

That computer isn't bad, but isn't great either. That AMD APU as of summer 2011:

Quote:
The A4-3420 will most probably be one of the last Llano APUs to see the light of day, as in June or July this year AMD is said to introduce the Trinity accelerated processing units based on the Bulldozer architecture.


The processor itself retails for about $65

That being said, its built in GPU is supposed to be decent for as far as budget GPUs go.

Here's how it stacks up.

2myrg2g.png
 
Well I bought the HP computer, it was the best deal I could find on a decent computer at a price I could afford. I am in the process of setting it all up, there is a lot of fluff and bloatware on that that I need to get rid of. It has a lot of music and games programs, has a basic Word program (I have the real Word and Excel on a disc already) and there are some printing and picture programs I don't need..It does have a free 60-day trial of Norton Anti Virus, I am leaving that in place for the 60 days, so far I like it a lot, it even has a Norton Safe Web tool bar to keep me off of any bad websites.

Things look different going from XP to Win 7 on the Home Edition, but it is good. This computer is a lot faster than what I had, the key will be how well it does with Itunes installed. I am still going to install the stripped down version of Itunes, I really don't need all the other Itunes junk, I just need the music library, the Itunes store and the ability to manage and sync my Ipod.

I am going to put MWB on here, and I like the way HitmanPro worked today, but that was a free trial too. I need to check to see if there is a free version, otherwise I may be stuck using SAS again.

I plan on using the Revo Pro Uninstaller and removing the bloat programs from the computer, then adding MWB, Itunes and the few other programs I use. I have a factory service manual for my truck on pdf that I will put here, and if I ever get a new monitor I might just set up my old infected computer out in the garage with no internet connections, just so I can read the manual if I need it while working on my truck. My old Dell ought to still work OK just for that I guess.

I have a lot to do and a lot to learn here on this new computer. It may not be the very best there is but it is light years ahead of what I had before. It will take me a few days to get it set up the way I want it.

I tried a Google search, but could not really find an answer, why is Google Chrome better than the standard IE browser? Is it more secure or easier to use?

I don't see Java in the list of pograms either, so how can I update it?

Thanks for all of your help on this. I hope I am through with computer problems for a long time.
 
Good luck with the new computer! I'd still give Spyware Hammer a shot, once you join post your question, and someone will walk you through the process, one on one. They'll tell you what to download, and see you through. They helped a buddy of mine a while back.
 
go to www.java.com to get the latest version of java. chrome is faster, renders pages faster, uploads files faster, cleaner interface, more secure because of its simplicity. plus you can get extensions for it that will help keep you safer. i recommend adblock, flashblock, and WOT ( web of trust) works like avg's linkscanner, but more accurate IMHO.

norton is good stuff , but avg is good too imho. you can download panda cloud as a compliment antivirus, its free and ut uses little ram.

i suggest going to www.ninite.com, create an install file for all runtimes( adobe products, quicktime, itunes, java, etc.....) and additional software they list that you use. download it to the desktop and in the future it will check its server and update all the programs you installed when you double click it.
 
Originally Posted By: Jimmy9190

I am going to put MWB on here, and I like the way HitmanPro worked today, but that was a free trial too. I need to check to see if there is a free version, otherwise I may be stuck using SAS again.

No free version of HitmanPro but if you don't want real time protection, its free to use indefinitely as an on demand scanner, If it does find something nasty that you need to remove, you can activate the 30 day trial license and remove it. The best way I've found to use it is as a backup for Malwarebytes. Let MWB scan and remove anything and then confirm its gone wit HitmanPro. If its not gone then use your 30 day trial.

Quote:
I plan on using the Revo Pro Uninstaller and removing the bloat programs from the computer, then adding MWB, Itunes and the few other programs I use.


Word of warning. With (at least the free version anyway) I've noticed it does not necessarily list all the programs installed on Win 7 machines. Use it to strip out what you can but double check in the Programs and Features to see if there are any other programs you want gone that it missed. I don't know why it behaves like this, but it does.

Quote:
I tried a Google search, but could not really find an answer, why is Google Chrome better than the standard IE browser? Is it more secure or easier to use?

Its a bit faster. Without getting into the details, yes Chrome is a bit more secure. Chrome can also open PDFs natively and uses its own Flash installation so you don't have to worry about keeping its flash up do date.

Quote:
I don't see Java in the list of pograms either, so how can I update it?

Go to java.com and download it.

Don't forget to make sure your Flashplayer is up to date.

Also check HP's site to see if there are any updates for the drivers for your machine.
 
Wow, Thanks again guys. I downloaded the latest version of Java, version 6, update 31. I used the Revo Pro Uninstaller, right now there is a free 30 day trial on the Pro version, and I used the tool at decrapifyer.com to remove all of the bloat ware, there was some kind of stupid cartoon music gimmick that I could not get rid of for some reason, even with the Forced Uninstall function. I got rid of all of the other fluff and have just now installed MWB, they are also running a free 30 day trial of the Pro version, maybe that is because this is a new computer. I put Hitman Pro on here, too, I will use it instead of SAS and see how it goes. I tried the Google Chrome browser, I set it as my default browser, so far I like it but need to use it a while to be sure.

I tried tonight to re-install the stripped version of Itunes, went back to download the Izarc zip file program, and what do you know, Norton comes up with a pop-up warning window that tells me the Izarc download page is a known malicious website, and Norton blocked my access to it...Now I have a good idea where that root kit came from. I believe I will be keeping Norton, I will pay for it when the free trial ends, no other virus program I have used has worked anywhere near as well as Norton has, and that in just the few hours I have had my new computer. Norton and MWB both have alerted me and kept me off of a few more malicious sites tonight when I was trying to find a free zip file application that actually works. I need it so I can extract the Itunes installation files and install the stripped version of Itunes. If any of you know of a good one, please let me know. I can't seem to get it to work yet.

Thanks very much for all of your help here.
 
Originally Posted By: Jimmy9190

I tried tonight to re-install the stripped version of Itunes, went back to download the Izarc zip file program, and what do you know, Norton comes up with a pop-up warning window that tells me the Izarc download page is a known malicious website, and Norton blocked my access to it...Now I have a good idea where that root kit came from. If any of you know of a good one, please let me know. I can't seem to get it to work yet.

I'm not surprised. I had never heard of that program before. Though I'm curious as to where you downloaded it from. I went through izarc.org and followed their download link through brothersoft, downloaded the file and scanned it with MSE and MWB and got no positive hits. Using online scanners ESET id's it as having Opencandy which is an adware/spyware program usually tied to some sort of toolbar.

7-Zip
http://downloads.sourceforge.net/sevenzip/7z920-x64.msi

One of the best free ones around. It will open most archive formats. Its own zip format (.7z) when set to "ultra" for the compression level is fantastic.

Install it and make sure if asked that you allow it to add context menu shortcuts. Then right click -> 7zip -> extract files
 
Thanks for the tips here. I tried to use 7-Zip last night, I had problems making it work, then today I figured out what I was doing wrong and how to use 7-Zip, I had not been right clicking on the Itunes installer files and then selecting 7-zip. I just did the stripped version of Itunes again and it downloaded in no time flat.

Later on today I will use Sharepod and move my Itunes library from my Ipod to my computer and then set up my playlists again, but it is great to not have the Itunes bloatware on here. Once I move my library I will disable ItunesHelper too.

The Izarc.org website was OK as far as Norton goes, it was hen I clicked the download button from Brothersoft that I got the malicious website message.

Once again, thanks for your help on all of this. I do appreciate it.
 
Status
Not open for further replies.
Back
Top